ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Lenovo - if it's on your network, you ARE breached.

    IT Discussion
    lenovo security
    14
    93
    10.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • wirestyle22W
      wirestyle22
      last edited by

      Sigh. This is something I bring up anytime someone says 'Lenovo'. We buy nothing but Lenovo and I'm very close to having a seizure at work.

      scottalanmillerS 1 Reply Last reply Reply Quote 1
      • T
        Texkonc
        last edited by

        The saying, you get what you pay for.
        Network full of viruses!

        1 Reply Last reply Reply Quote 1
        • T
          Texkonc @Dashrender
          last edited by

          @dashrender said in Lenovo - if it's on your network, you ARE breached.:

          The OP should be updated with links to credible news stories talking about the listed issues.
          Not because the OP is wrong, but because to most, this is just a random tech website, where there is no proof that there is no ax to grind, etc. So linking to credible news sources (several would be better) helps ensure the reader of the validity of the claims here.

          Yup

          1 Reply Last reply Reply Quote 0
          • travisdh1T
            travisdh1 @Dashrender
            last edited by

            @dashrender said in Lenovo - if it's on your network, you ARE breached.:

            The OP should be updated with links to credible news stories talking about the listed issues.
            Not because the OP is wrong, but because to most, this is just a random tech website, where there is no proof that there is no ax to grind, etc. So linking to credible news sources (several would be better) helps ensure the reader of the validity of the claims here.

            I'd love to, but most of the claims I've made have originated right here, and been later confirmed by myself testing on an X220 which has since been given the Office Space treatment. I'd love some external confirmation!

            1 Reply Last reply Reply Quote 0
            • travisdh1T
              travisdh1 @EddieJennings
              last edited by

              @eddiejennings said in Lenovo - if it's on your network, you ARE breached.:

              Confirmed OP is a Dell fanboi 😛

              HP, Dell, SuperMicro, Huaway, just about anything other than Lenovo, yes.

              EddieJenningsE 1 Reply Last reply Reply Quote 0
              • travisdh1T
                travisdh1 @Dashrender
                last edited by

                @dashrender said in Lenovo - if it's on your network, you ARE breached.:

                The OP should be updated with links to credible news stories talking about the listed issues.
                Not because the OP is wrong, but because to most, this is just a random tech website, where there is no proof that there is no ax to grind, etc. So linking to credible news sources (several would be better) helps ensure the reader of the validity of the claims here.

                I'll also note that this all came to light while a used X220 was being shipped to me, so yes, I have an axe to grind, but I've also personally seen this stuff happen.

                1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @wirestyle22
                  last edited by

                  @wirestyle22 said in Lenovo - if it's on your network, you ARE breached.:

                  Sigh. This is something I bring up anytime someone says 'Lenovo'. We buy nothing but Lenovo and I'm very close to having a seizure at work.

                  You are at a job where people should be in jail for that.

                  wirestyle22W 1 Reply Last reply Reply Quote 2
                  • dbeatoD
                    dbeato
                    last edited by

                    I have seen old articles on this:

                    https://www.cnet.com/how-to/lenovo-superfish-adware-uninstall-fix/

                    https://www.pcmag.com/article2/0,2817,2477277,00.asp

                    http://www.zdnet.com/article/lenovo-reportedly-blocking-linux-on-windows-10-signature-edition-pcs/

                    https://arstechnica.com/information-technology/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/

                    1 Reply Last reply Reply Quote 1
                    • wirestyle22W
                      wirestyle22 @scottalanmiller
                      last edited by

                      @scottalanmiller said in Lenovo - if it's on your network, you ARE breached.:

                      @wirestyle22 said in Lenovo - if it's on your network, you ARE breached.:

                      Sigh. This is something I bring up anytime someone says 'Lenovo'. We buy nothing but Lenovo and I'm very close to having a seizure at work.

                      You are at a job where people should be in jail for that.

                      Hopefully not for long

                      1 Reply Last reply Reply Quote 0
                      • black3dynamiteB
                        black3dynamite
                        last edited by

                        This is an issue when using Windows only?

                        travisdh1T scottalanmillerS 2 Replies Last reply Reply Quote 0
                        • travisdh1T
                          travisdh1 @black3dynamite
                          last edited by

                          @black3dynamite said in Lenovo - if it's on your network, you ARE breached.:

                          This is an issue when using Windows only?

                          No, everything.

                          Superfish is included with the wifi drivers to a point that the wireless chips will not work without it. As for the BIOS level access, well, that's as bad as it gets.

                          donaldlandruD 1 Reply Last reply Reply Quote 0
                          • donaldlandruD
                            donaldlandru @travisdh1
                            last edited by

                            @travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

                            @black3dynamite said in Lenovo - if it's on your network, you ARE breached.:

                            This is an issue when using Windows only?

                            No, everything.

                            Superfish is included with the wifi drivers to a point that the wireless chips will not work without it. As for the BIOS level access, well, that's as bad as it gets.

                            I don't know what Wi-Fi chipset you have; however, we have the direct from Intel drivers so if SuperFish is included here I don't think that is a Lenovo issue.

                            travisdh1T scottalanmillerS 3 Replies Last reply Reply Quote 0
                            • EddieJenningsE
                              EddieJennings @travisdh1
                              last edited by

                              @travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

                              @eddiejennings said in Lenovo - if it's on your network, you ARE breached.:

                              Confirmed OP is a Dell fanboi 😛

                              HP, Dell, SuperMicro, Huaway, just about anything other than Lenovo, yes.

                              Ha!

                              1 Reply Last reply Reply Quote 0
                              • travisdh1T
                                travisdh1 @donaldlandru
                                last edited by

                                @donaldlandru said in Lenovo - if it's on your network, you ARE breached.:

                                @travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

                                @black3dynamite said in Lenovo - if it's on your network, you ARE breached.:

                                This is an issue when using Windows only?

                                No, everything.

                                Superfish is included with the wifi drivers to a point that the wireless chips will not work without it. As for the BIOS level access, well, that's as bad as it gets.

                                I don't know what Wi-Fi chipset you have; however, we have the direct from Intel drivers so if SuperFish is included here I don't think that is a Lenovo issue.

                                That's great, you're entire network has already been pwnd tho, thanks to that absolutely assinine BIOS code.

                                donaldlandruD 1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller @donaldlandru
                                  last edited by

                                  @donaldlandru said in Lenovo - if it's on your network, you ARE breached.:

                                  @travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

                                  @black3dynamite said in Lenovo - if it's on your network, you ARE breached.:

                                  This is an issue when using Windows only?

                                  No, everything.

                                  Superfish is included with the wifi drivers to a point that the wireless chips will not work without it. As for the BIOS level access, well, that's as bad as it gets.

                                  I don't know what Wi-Fi chipset you have; however, we have the direct from Intel drivers so if SuperFish is included here I don't think that is a Lenovo issue.

                                  Lenovo had some of them set so that the UEFI would load malicious code regardless of where you got the drivers.

                                  1 Reply Last reply Reply Quote 1
                                  • scottalanmillerS
                                    scottalanmiller @black3dynamite
                                    last edited by

                                    @black3dynamite said in Lenovo - if it's on your network, you ARE breached.:

                                    This is an issue when using Windows only?

                                    Depends on the model. Some issues are Windows only. Some are not. Of course, this is only issues that have been caught. Since no one knows if all issues have been caught, you'll never know.

                                    1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller
                                      last edited by

                                      With Lenovo, it's like letting a highly skilled thief into your house. You know they are trying to steal from you. And you just hope that you have figured out all of their tricks. But that's naive. It's just inviting risk. It's like counting all the jewels as you let a thief wander around your house rather than just locking the front door in the first place.

                                      1 Reply Last reply Reply Quote 1
                                      • donaldlandruD
                                        donaldlandru @travisdh1
                                        last edited by donaldlandru

                                        @travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

                                        @donaldlandru said in Lenovo - if it's on your network, you ARE breached.:

                                        @travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

                                        @black3dynamite said in Lenovo - if it's on your network, you ARE breached.:

                                        This is an issue when using Windows only?

                                        No, everything.

                                        Superfish is included with the wifi drivers to a point that the wireless chips will not work without it. As for the BIOS level access, well, that's as bad as it gets.

                                        I don't know what Wi-Fi chipset you have; however, we have the direct from Intel drivers so if SuperFish is included here I don't think that is a Lenovo issue.

                                        That's great, you're entire network has already been pwnd tho, thanks to that absolutely assinine BIOS code.

                                        And do you have links to back up these claims? Quite a few Google searches later and at the BIOS level I have not found a vulnerability that was also not found in other manufacturers BIOS as well by other IBV's. This suggests that the issue may be further up the chain. Nasty Lenovo UEFI exploit also affects products from other vendors

                                        While it does not excuse the behavior, the worst thing I have seen in this Lenovo issue, is not what they have done, yet simply the fact they were not up front about it.

                                        Why so I not see any posts saying to banish Siri enabled devices from the network? IBM thought Apple storing transcripts and recordings of interactions was a threat.
                                        How about Barracuda? Between large subnets of allowed addresses on their support ports and hard coded common passwords, I don't see any if you have Barracuda, Russia owns your network posts.

                                        Samsung TV's, Amazon Echo's, Google Homes, and other platforms do nothing but use methods to scan your network and force control over your devices and collect data, yet no screams for bans on those.

                                        While a poor example, Windows 10 does almost everything Lenovo is getting cheap for natively. (E.g. Telemetry, you can't turn it 100% off. If you remove an update it automatically puts itself back on. Hell even today I had a machine with expired WebRoot, my only options were to renew webroot or install Windows Defender before continuing) the last one may actually be webroot doing the nagging I have not confirmed that.

                                        Now let be clear, I am not going out and saying Lenovo's are 100% safe, in fact my research today on this topic shows it is not. However, that same research shows no manufacturer is safe. Check out this article on eDellRoot Dell computers with the eDellRoot root certificate may allow attackers to sign SSL/TLS certificates as legitimate sources and can be vulnerable to man-in-the-middle attacks. Even without the article pointing out several times this being reminiscent of Superfish it sounds pretty close to me.

                                        I would support the title of this post being Some Lenovo consumer models computers are susceptible to really shady things because manufactures want to make money, but the title as is, in my opinion, does not accurately represent the situation.

                                        Edit: added source for BIOS claim. Updated closing thoughts based on additional research.

                                        During my search, I think the comment found below sums up the whole thing.
                                        NOT intending to excuse Lenovo, but I work in the business, and ALL major companies (HP, Microsoft, Apple, Google, AT&T, Verizon, Comcast, etc...) Hate Us, and would happily sell razor blades to babies if they could figure out how to weather the lawsuits & still turn a profit...

                                        scottalanmillerS 4 Replies Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @donaldlandru
                                          last edited by

                                          @donaldlandru said in Lenovo - if it's on your network, you ARE breached.:

                                          @travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

                                          @donaldlandru said in Lenovo - if it's on your network, you ARE breached.:

                                          @travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

                                          @black3dynamite said in Lenovo - if it's on your network, you ARE breached.:

                                          This is an issue when using Windows only?

                                          No, everything.

                                          Superfish is included with the wifi drivers to a point that the wireless chips will not work without it. As for the BIOS level access, well, that's as bad as it gets.

                                          I don't know what Wi-Fi chipset you have; however, we have the direct from Intel drivers so if SuperFish is included here I don't think that is a Lenovo issue.

                                          That's great, you're entire network has already been pwnd tho, thanks to that absolutely assinine BIOS code.

                                          And do you have links to back up these claims? Quite a few Google searches later and at the BIOS level I have not found a vulnerability that was also not found in other manufacturers BIOS as well by other IBV's. This suggests that the issue may be further up the chain. Nasty Lenovo UEFI exploit also affects products from other vendors

                                          While it does not excuse the behavior, the worst thing I have seen in this Lenovo issue, is not what they have done, yet simply the fact they were not up front about it.

                                          Why so I not see any posts saying to banish Siri enabled devices from the network? IBM thought Apple storing transcripts and recordings of interactions was a threat.
                                          How about Barracuda? Between large subnets of allowed addresses on their support ports and hard coded common passwords, I don't see any if you have Barracuda, Russia owns your network posts.

                                          Samsung TV's, Amazon Echo's, Google Homes, and other platforms do nothing but use methods to scan your network and force control over your devices and collect data, yet no screams for bans on those.

                                          While a poor example, Windows 10 does almost everything Lenovo is getting cheap for natively. (E.g. Telemetry, you can't turn it 100% off. If you remove an update it automatically puts itself back on. Hell even today I had a machine with expired WebRoot, my only options were to renew webroot or install Windows Defender before continuing) the last one may actually be webroot doing the nagging I have not confirmed that.

                                          Now let be clear, I am not going out and saying Lenovo's are 100% safe, in fact my research today on this topic shows it is not. However, that same research shows no manufacturer is safe. Check out this article on eDellRoot Dell computers with the eDellRoot root certificate may allow attackers to sign SSL/TLS certificates as legitimate sources and can be vulnerable to man-in-the-middle attacks. Even without the article pointing out several times this being reminiscent of Superfish it sounds pretty close to me.

                                          I would support the title of this post being Some Lenovo consumer models computers are susceptible to really shady things because manufactures want to make money, but the title as is, in my opinion, does not accurately represent the situation.

                                          Edit: added source for BIOS claim. Updated closing thoughts based on additional research.

                                          During my search, I think the comment found below sums up the whole thing.
                                          NOT intending to excuse Lenovo, but I work in the business, and ALL major companies (HP, Microsoft, Apple, Google, AT&T, Verizon, Comcast, etc...) Hate Us, and would happily sell razor blades to babies if they could figure out how to weather the lawsuits & still turn a profit...

                                          Actually yes. We should be years past anyone asking for proof yet again. This is a dead horse. Lenovo was all over the news time and time again. This isn't anything that came from ML. This is "if people don't know by now they are ignoring it" territory. It's been all over every major IT news outlet for years.

                                          1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller
                                            last edited by

                                            I'm a bit shocked that anyone is questioning that there might be some grey area in which Lenovo might be in any way acceptable to use. There is no vendor, ever, to have worked this way. Lenovo is completely unprecedented in the depth, breadth, audacity or repetition of their attacks.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 1 / 5
                                            • First post
                                              Last post